JP2008278006A - Data packet transfer control method, system and program - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To guarantee quality for data packets of a reserving user and to perform disposal processing for data packets other than those of the reserving user. <P>SOLUTION: In the present invention, when an NRM receives a reservation request including information for reserving a communication path and data packet identification information from a reservation terminal, the communication path is secured based upon the information for reserving the communication path, the data packet identification information is stored in a reservation information storage means, and policy setting of packet identification for accommodating only data packets of the reserving user in a reservation path is made by reference to the reservation information storage means is performed; and network equipment stores policy information received from the NRM in a policy information storage means and refers to the policy information storage means based upon information of an input data packet to control transfer of the data packet. <P>COPYRIGHT: (C)2009,JPO&INPIT

Description

  The present invention relates to a data packet transfer control method, system, and program, and in particular, guarantees the quality of a data packet of a reserved user who has reserved a communication path for data packet transfer, and discards data packets other than the reserved user. The present invention relates to a data packet transfer control method, system and program for performing the same.

  Conventionally, IP (Internet Protocol) or Ethernet (registered trademark) or the like also has a communication channel reservation service in a network having a packet layer.

In addition, a core location for pre-reserving distributed computing resources and network resources is realized. In this case, when a user makes a reservation request to GRS (Grid Resource Scheduler), GRS and NRM (Network Resource Management System) cooperate in advance to reserve computing resources and network resources. The NRM can use a web service module to select an optical path network band between computing resources, and can make an optical path advance reservation, a reservation correction, and the like (for example, see Non-Patent Documents 1 and 2). .
Atsuko Takebo, et al. "Core location experiment of computational resources and optical path network resources in the grid" SACSIS (Symposium on Advanced Computing systems and Infrastructures) 2006 Atsuko Takebo, et al. “Computer / Network Resource Core Experiment between Japan and the United States through Middleware Collaboration”, 164th Computer Architecture, 109th High Performance Computing Joint Research Presentation

  However, in NRM, only data packets of users who originally reserved the communication path should be accommodated in the communication path, but since the layer L2 / L3 service is provided, data packets of users who have not reserved the communication path Will also flow into the communication path.

  This is because the NRM cannot acquire policy information (data packet identification information) for discarding non-reserved packets, and therefore cannot discard unscheduled data packets that have flowed in the edge device of the network.

  For this reason, there are problems that the reserved bandwidth of the communication path cannot be guaranteed, and that service contracts such as moving image distribution / content distribution cannot be made with customers.

  The present invention has been made in view of the above points. A routing control method, system, and program capable of guaranteeing the quality of a data packet of a reserved user and realizing a discard process for a data packet of a non-reserved user The purpose is to provide.

  FIG. 1 is a diagram for explaining the principle of the present invention.

The present invention (Claim 1) is a data packet transfer control method for performing control for transferring a data packet of a user who reserved a communication path in a flow unit in a network having a packet layer,
In a computer used as a network resource management system (NRM),
When receiving a reservation request including at least information for reserving a communication path and data packet identification information for identifying that the reservation user wishes to be accommodated in the communication path from the terminal (step 1) secure a communication path based on information for reserving the communication path, and store the data packet identification information in the reservation information storage means (step 2);
Referring to the reservation information storage means, policy setting for packet identification is performed by transmitting policy information, which is a condition for accommodating only data packets that the reservation user desires to be accommodated, to the network device on the communication path. (Step 3)
In network devices that are set by NRM policy,
Policy information received from the NRM is stored in the policy information storage means (step 4),
Based on the input data packet information, the policy information storage means is referred to control the transfer of the data packet (step 5).

Further, the present invention (Claim 2) is an NRM,
The policy information is transmitted to all network devices on the layer 2 and layer 3 communication paths.

Further, the present invention (Claim 3) is a network device configured by NRM policy,
Based on the information of the input data packet, the policy storage means is referred to, and a VLAN or LSP label is assigned based on the policy information and transferred.

Further, the present invention (Claim 4) is a network device configured by NRM policy,
Based on the information of the input data packet, the policy storage means is referred to, and the data packet is discarded based on the policy information.

Further, the present invention (Claim 5) is a network device configured by NRM policy,
The traffic amount of the input data packet is measured, and when the contract amount of the policy information in the policy storage means is exceeded, the data packet is discarded.

Further, the present invention (Claim 6) has a VLAN management table for managing VLAN tags in the storage means in the NRM,
When a reservation request is received from a terminal, the VLAN management table is referenced, one of the unreserved VLAN tag IDs is selected, and a use permission including the selected unreserved VLAN tag ID is transmitted to the terminal. Policy information for dynamically setting the VLAN tag is transmitted to the network device.

Further, the present invention (Claim 7) has an LSP shim label management table for managing LSP shim labels in the storage means in the NRM,
When the reservation request is received from the terminal, the LSP shim label management table is referred to, one of the unreserved LSP Shim label numbers is selected, and the use permission including the selected unreserved LSP Shim label number is transmitted to the terminal. At the same time, policy information for dynamically setting the LSP Shim label is transmitted to the network device.

  FIG. 2 is a principle configuration diagram of the present invention.

The present invention (Claim 8) includes a terminal 10a, a plurality of network devices 210 that transfer user data packets in units of flows, and a network resource management system (NRM) that manages network resources in a network having a packet layer. A data packet transfer control system comprising a computer (hereinafter referred to as NRM) used as 100,
NRM100 is
When receiving a reservation request including at least information for reserving a communication path and data packet identification information for identifying that the reservation user wishes to be accommodated in the communication path from the terminal, Reservation request processing means 121 for securing a communication path based on information for reserving the communication path and storing the data packet identification information in the reservation information storage means 130;
By referring to the reservation information storage means 130, the policy information, which is a condition for accommodating only the data packet that the reservation user desires to be accommodated in the reservation path, is transmitted to the network device 210 on the communication path. Policy setting means 122 for setting the policy;
Have
The network device 210 is
Policy information storage means for storing policy information received from the NRM 100 in the policy information storage means 213;
A transfer control unit 214 that controls the transfer of the data packet by referring to the policy information storage unit 213 based on the information of the input data packet.

In the present invention (claim 9), the policy information is transmitted to all network devices 210 on the layer 2 and layer 3 communication paths in the NRM policy setting means 122.

Further, according to the present invention (Claim 10), in the transfer control means 214 of the network device 210,
It includes means for referring to the policy storage means 213 based on the information of the input data packet, assigning a VLAN or LSP label based on the policy information, and transferring it.

Further, according to the present invention (claim 11), in the transfer control means 214 of the network device 210,
It includes means for referring to the policy storage means 213 based on the information of the input data packet and discarding the data packet based on the policy information.

Further, the present invention (Claim 12) is provided in the transfer control means 214 of the network device 210.
When the traffic amount of the input data packet is measured and the contract amount of the policy information stored in the policy storage unit 213 is exceeded, a unit for discarding the data packet is included.

Further, the present invention (Claim 13) has a VLAN management table in the storage means in the NRM 100,
When a reservation request is received from the terminal 10a, the VLAN management table is referred to, one of the unreserved VLAN tag IDs is selected, and a use permission including the selected unreserved VLAN tag ID is transmitted to the terminal 10a. Means for transmitting policy information for dynamically setting the VLAN tag to the network device 210;

The present invention (Claim 14) has an LSP shim label management table for managing LSP shim labels in the storage means in the NRM 100,
When the reservation request is received from the terminal 10a, the LSP shim label management table is referred to, one of the unreserved LSP Shim label numbers is selected, and the use permission including the selected unreserved LSP Shim label number is given to the terminal 10a. And means for transmitting policy information for dynamically setting the LSP Shim label to the network device 210.

In addition, the present invention (Claim 15) provides a reservation request including at least information for reserving a communication path from a terminal and data packet identification information for identifying a data packet from the terminal to the computer. A reservation request processing function for securing a communication channel based on information for reserving the communication channel and storing the data packet identification information in a reservation information storage unit;
Policy setting for setting policy for packet identification by referring to the reservation information storage means and transmitting policy information, which is a condition for accommodating only the data packet of the reserved user in the reserved path, to the network device on the communication path Function and
It is a program that executes.

The present invention (Claim 16) provides a computer with:
A policy information storage function for storing the policy information received from the NRM in the policy information storage means;
A program for executing a transfer control function for controlling transfer of the data packet by referring to the policy information storage means based on the information of the input data packet.

  According to the present invention, by setting identification information for identifying a data packet of a reserved user as a policy for a device on the network communication path, only the user who reserved the communication path uses the path in the network. In addition to being identified as possible, data packets of unreserved users can be identified and discarded, so that the quality of data packets can be guaranteed for each reserved user.

  In addition, the network resource amount can be designed for each service.

  As a further extension, a transmission data packet of a user terminal (or a cluster PC or the like) can be identified, and a warning can be sent to the address of an unreserved user for the use of an unreserved user.

  Hereinafter, embodiments of the present invention will be described with reference to the drawings.

[First Embodiment]
FIG. 3 is a diagram showing an operation image of the system according to the first embodiment of the present invention.

  The system shown in FIG. 1 accepts a reservation request from a network 200, a plurality of user terminals (PCs) 10 connected to the router 210 on the network 200, and a reservation terminal 10a that makes a reservation, and based on route setting and reservation It consists of an NRM (Network Resource Management System) 100 for setting packet identification policy. The network 200 includes a plurality of PXCs (Photonic Cross Connect) 220 connected to the edge router 210. Hereinafter, among the terminals (PCs) 10, a PC used by a user who makes a reservation will be described as a reservation terminal 10a, and a terminal that the user wants to accommodate in a communication path will be described as a PC 10b.

  The NRM 100 exchanges data packet identification information for identifying the data packet of the reservation user with the reservation terminal 10a, and manages the identification information as reservation management information in the storage means. When a reservation user makes a reservation for a communication path, route setting is performed for the router 210 on the network 200, and packet identification policy setting, transfer route setting, discard control, priority control, and the like are performed.

  FIG. 4 shows the configuration of the NRM in the first embodiment of the present invention.

  The NRM 100 shown in FIG. 1 includes a user control unit 110, a network control unit 120, a reservation table storage unit 130, a network information storage unit 140, a network device information storage unit 150, and a user information storage unit 160. The network information storage unit 140 stores information related to the connection of network devices on the network, and the network device information storage unit 150 stores information on resources on the network.

  When receiving the user request transmitted from the reservation terminal 10a, the user control unit 110 refers to the user information storage unit 160 and authenticates the user. The user authentication performed here is, for example, checking whether the user is a service contractor or the like, and does not necessarily have to be executed. If the authentication is successful, the network control unit 120 is inquired whether the reservation target communication path included in the user request can be reserved, and the result is returned to the reservation terminal 10a. In addition, when a communication channel reservation request is received from the reservation terminal 10 a, the packet identification information and application identification information included in the reservation request are output to the network control unit 120.

  When the network control unit 120 obtains an inquiry from the user control unit 110 as to whether or not the reservation target communication path can be reserved, the network control unit 120 and the network device information storage unit 150 are set based on the user request. With reference to this, it is determined whether or not there is an available communication path. If there is, a status “reservation is possible” is returned to the user control unit 110. When there is an available communication path, the contents of the packet identification information of the reservation request input from the user control unit 120 are stored in the reservation table storage unit 130, and the network device (router) on the reserved communication path is stored. To set the policy.

  The operation in the above configuration will be described.

  FIG. 5 is a sequence chart of the operation in the first embodiment of the present invention.

  Step 101) From the reservation terminal 10a, the reserved user receives a user identifier, a communication path start point, a communication path end point, a communication capacity (bandwidth), a data packet start address, a data packet end address, a data packet port number, and an allowance. A user request including a possible delay time, service start time / end time, and the like is transmitted to the NRM 100.

  Step 102) The user control unit 110 of the NRM 100 performs user authentication with reference to the user information storage unit 170 based on the user identifier, and outputs a user request from the authenticated user to the network control unit 120.

  Step 103) Based on the user request, the network control unit 120 refers to the network information storage unit 140 and the network device information storage unit 150. For example, the network control unit 120 can be used on the network using the method described in Non-Patent Document 1. It is determined whether there is a proper communication path, and the status “reservation possible / impossible” is returned to the reservation user terminal 10 a as a result via the user control unit 110. The determination process will be described in detail with reference to FIG.

  Step 104) The reservation terminal 10 a that has received the “reservation available” response transmits a reservation request to the NRM 100. The reservation request includes data packet identification information for identifying a data packet of the PC 10b that the reservation user wants to accommodate in the communication path and application identification information selected by the reservation user. At this time, the data packet identification information to be given includes Source IP address, Destination IP address, ToS, LSP shim header, VLAN tag ID, Ethernet mac address, Layer 4 port number, Layer 7 PDU, and the like.

  Step 105) In the network control unit 120 of the NRM 100, the content of the reservation request is recorded in the reservation table storage unit 130 for each reservation. An example of the reservation table is shown in FIG. In the reservation table, for each reservation number, the time when the reservation request is received (reception time), the communication path start point (node), the communication path end point (node), the start time, the end time, the communication capacity, packet identification information (packet identification information) Configuration for transmitting packets matching the information to the network device), application identification information, and the like are stored. Among these, the communication path start point / end point, start / end time, and communication capacity store the information requested by the user request in step 101. An example of accommodation conditions (policy information) transmitted to the network device is shown in FIG. The accommodation conditions shown in the figure are accommodation conditions for a network device (router), and show an example of discarding a packet with a matching port number and accommodating a packet with a matching source IP address. The router accommodates only packets that meet the conditions shown in the figure, and discards other packets.

  Step 106) The network control unit 120 of the NRM 100 refers to the network information storage unit 140, the network device information storage unit 150, and the reservation table storage unit 130, to the routers 210a and 210b on the communication path, for the reserved PC 10b. A policy is set for accommodating only data packets in the reserved path. Specifically, the contents of the reservation table are transmitted to the node 210 for each reservation in the reservation table storage unit 130.

  At this time, as shown in FIG. 8, in the provided network, when passing through the layer 2 / layer 3 network device (router) at the entrance, exit, and intermediate section, accommodation setting is performed for each router.

  In addition, as shown in FIG. 9, in the provided network, when passing through the layer 2/3 network device only at the entrance and exit, and passing through the layer 1 network device in the intermediate section, the starting point of the communication path It is also possible to set accommodation only to the terminal node.

  Step 107) When the packet is transferred from the PC 10b to the router 210 on the communication path, the router 210 stores the data packet in a memory (not shown), compares it with the policy set by the NRM 100, and determines the policy condition. If (accommodation condition) is satisfied, the packet is transferred to the next router, and if not satisfied, control is performed such as discarding the packet. The operation of the router will be described later.

  Step 108) When the packet transfer in each router 210 is completed, the NRM 100 performs the discard setting for the router for which the policy has been set. In the discard setting, information corresponding to the reservation number in the reservation table in which the policy is set is deleted, and the discard setting is notified to the router 210 on the communication path on which the policy is set.

  In the above flowchart, the “user request” and the “reservation request” are sent from the reservation terminal 10a to the NRM 100. However, the present invention is not limited to this example, and a request combining two requests is made once. May be performed only, or may be divided into two or more requests.

  Next, an operation for determining the presence or absence of an available communication path based on the packet identification information included in the user request upon receiving the user request in step 103 will be described.

  FIG. 10 is a flowchart of determination processing for a user request according to the first embodiment of this invention.

  Step 1031) When the network control unit 120 acquires a user request from the user control unit 110, the processing content of the user request is selected. At this time, if the user request is an inquiry about a communication channel that has already been reserved, the process proceeds to step 1036. Otherwise (communication channel reservation / inquiry), the process proceeds to step 1032.

  Step 1032) The network control unit 120 searches the communication path with reference to the network information storage unit 140 and the network device information storage unit 150. This process uses, for example, a method of determining whether there is an existing usable communication path such as Non-Patent Document 1.

  Step 1303) If there is an available communication path, the process proceeds to step 1034; otherwise, the process proceeds to step 1035.

  Step 1034) If there is an available communication path, a “reservation is possible” response is returned.

  Step 1035) If there is no available communication path, a “reservation impossible” response is returned.

  Step 1036) The network control unit 120 refers to the reservation table storage unit 130 and responds to the user terminal 10.

  Next, the operation on the router side in which the policy for data packet identification is set from the NRM 100 in the above step 107 will be described.

  FIG. 11 shows the configuration of the L2 switch / router in the first embodiment of the present invention.

  The L2 switch / router (hereinafter referred to as a router) 210 shown in the figure is set from a plurality of input ports 211 to which packets are input, a plurality of output ports 212 to output packets, input data packets, and NRM 100. A memory 213 for storing information of the reservation table and the like, and a route control unit 214 for performing packet transfer, routing, QoS, and the like.

  The path control unit 214 acquires the policy condition for data packet identification from the NRM 100, stores it in the memory 213, reads the identification information of the data packet input from the port 211 on the input side, and reads the read contents And a policy condition stored in the memory 213, and a packet that matches the policy condition is transferred from the port 212 on the output side to an appropriate path.

  12 to 14 are diagrams for explaining the operation of the router according to the first embodiment of this invention.

  FIG. 12 shows an operation in which an input packet is transferred to an appropriate path and accommodated in the router 210. When a packet is input from the port 211 on the input side in the route control unit 214 of the router 210, the data packet identification information of the input packet is read, the information is compared with the policy condition stored in the memory 213, and the policy is checked. Based on the conditions, a VLAN or LSP label is attached to the packet and transferred to a tunnel such as VLAN or LSP, or transferred to a statically set transfer route according to the contents of the static route. .

  FIG. 13 shows an operation of discarding an input packet other than the PC reserved in the router 210.

  The route control unit 214 of the router 210 compares the contents of the input data packet identification information with the policy condition, and discards packets that do not meet the policy condition. Note that a warning may be transmitted to a PC other than the reserved PC to the address of the terminal of the user who transmitted the packet.

  FIG. 14 shows an operation of discarding a packet according to the quality status of the input packet in the router 210.

  In order to realize QoS (Quality of Service) in the route control unit 214 of the router 210, the traffic amount of the input packet is measured using a measuring means such as a traffic monitor, and the traffic amount is determined in advance. The communication amount (contract amount) of the policy condition stored in the memory 213 is compared, and the traffic amount exceeding the contract amount is discarded. Refer to the document “Inside CISCO IOS Architecture, SOFTBANK PUBLISHING, ISBN: 4-7973-1726-4, pp.169-202” as a technique for realizing QoS.

[Second Embodiment]
In the present embodiment, policy setting for layer 2/3 will be described.

  FIG. 15 is a diagram showing an operation image of the system according to the second embodiment of the present invention.

  The network provided in the figure is a layer 2/3 network.

  In this case, the NRM 100 sets a policy for all the routers 310a, 310b, 310c, 310d, and 310e of all the layers 2/3 on the packet transfer path.

  FIG. 16 is a sequence chart of operations in the second embodiment of the present invention.

  Steps 201 to 205 are the same as steps 101 to 105 in the first embodiment described above. In the present embodiment, the NRM 100 transmits the contents of the reservation table storage unit 130 as a policy to the router 310 of each layer 2/3 as in step 206, and sets the policy. Each router 310 in the layer 2/3 stores the policy in the memory, and in step 207, when the packet is input, each router 310 checks the policy and transfers the packet.

  As a result, only the reserved user can use the route in the network as in the first embodiment.

[Third Embodiment]
In this embodiment, a case where a VLAN tag or an LSP shim label is added to the identification information of the data packet of the user request from the reserved user in the second embodiment will be described.

  FIG. 17 shows an example of a VLAN management table in the third embodiment of the present invention.

  The NRM 100 has a VLAN management table 170 in the storage means. The VLAN management table 170 includes items of a VLAN tag ID, a reservation ID in use, a reservation time, and a set network device (router) name (ID).

  When the NRM 100 receives the user request from the reservation terminal 10a, the NRM 100 selects one of the unreserved VLAN tag IDs with reference to the VLAN management table 170, and uses the selected unreserved VLAN tag ID. It returns to the terminal 10 as a response. Further, the NRM 100 sets policy information for dynamically setting a VLAN tag in the router 210.

  Accordingly, when the reservation user makes a reservation request to the NRM 100 using the VLAN tag ID permitted to be used by the NRM 100, the NRM 100 writes the reservation ID and reservation time of the reservation request in the VLAN management table 170, The router name (ID) set in the policy when the policy is set in the router is written.

  As for the LSP shim label, an LSP Shim label management table is prepared in the same manner as the VLAN management table 170 described above, and when a reservation request is received from the reservation terminal 10a, the LSPShim management table is referred to And the use permission including the selected unreserved LSPShim label number is transmitted to the reservation terminal 10a. Further, policy information for dynamically setting the LSPShim label is transmitted to the router 210.

  Accordingly, when the reservation user makes a reservation request to the NRM 100 using the LSP Shim label from the reservation terminal 10a, the NRM 100 sets the reservation ID, reservation time, and policy of the reservation request in the LSP Shim label management table. Write the router name (ID).

  When the present invention is applied to a video distribution service, the following operation can be considered.

  (1) A user refers to a movie distribution homepage.

  (2) The user designates “time to watch” and clicks “movie to watch”.

  (3) The user terminal receives the input command and transmits a request to the movie company.

  (4) The movie company (reservation terminal) requests the NRM to reserve a communication channel.

  (5) The movie company (reservation terminal) notifies the user of permission for movie distribution.

  (6) The NRM secures a communication channel when “time to see” arrives.

  (7) A movie company delivers a movie when the “time to watch” arrives.

  (8) The user terminal displays video to the user.

  It is also possible to construct the above-described NRM and the operation of the router on the communication path as a program, install it on a computer used as the NRM and router, execute it, or distribute the network.

  The present invention is not limited to the above-described embodiment, and various modifications and applications can be made within the scope of the claims.

  Since the present invention enables a service limited to the contractor by discarding data packets other than the contract (reservation) user, a pay-per-use contract for a short-term service such as movie / content distribution such as a movie It is applicable to.

It is a figure for demonstrating the principle of this invention. It is a principle block diagram of this invention. It is a figure which shows the operation | movement image of the system in the 1st Embodiment of this invention. It is a block diagram of NRM in the 1st Embodiment of this invention. It is a sequence chart of the operation | movement in the 1st Embodiment of this invention. It is an example of the reservation table in the 1st Embodiment of this invention. It is an example of the accommodation conditions stored in the reservation table memory | storage part in the 1st Embodiment of this invention. It is an accommodation setting example in the case of passing the apparatus of Layer 2/3 in the entrance, the exit, and the relay section in the 1st Embodiment of this invention. It is an accommodation setting example when only the entrance and the exit in the first embodiment of the present invention pass through the layer 2/3 device and pass through the layer 1 device in the relay section. It is a flowchart of the determination process with respect to the user request | requirement in the 1st Embodiment of this invention. It is an example of a structure of L2 switch / router in the 1st Embodiment of this invention. It is a figure for demonstrating operation | movement of the router in the 1st Embodiment of this invention (operation | movement which transfers an input packet to an appropriate path | pass, and accommodates it). It is a figure for demonstrating operation | movement of the router in the 1st Embodiment of this invention. It is a figure for demonstrating operation | movement of the router in the 1st Embodiment of this invention. It is a figure which shows the operation | movement image of the system in the 2nd Embodiment of this invention. It is a sequence chart in the 2nd Embodiment of this invention. It is an example of the VLAN management table in the 3rd Embodiment of this invention.

Explanation of symbols

10a Reserved terminal 10b Non-reserved user terminal 10c Non-reserved user terminal 100 NRM (network resource management system)
110 user control unit 120 network control unit 121 reservation request processing unit 122 policy setting unit 130 reservation information storage unit, reservation table storage unit 140 network information storage unit 150 network device information storage unit 160 user information storage unit 170 VLAN management table 210 network device 211 Input port 212 Output port 213 Policy information storage means, memory 214 transfer control means, path control unit 220 PXC

Claims (16)

A data packet transfer control method for performing control of transferring a data packet of a user who reserved a communication path in a unit of flow in a network including a packet layer,
In a computer used as a network resource management system (NRM),
When receiving a reservation request including at least information for reserving a communication path and data packet identification information for identifying that the user wishes to be accommodated in the communication path from the terminal, the communication Securing a communication path based on information for reserving a path, storing the data packet identification information in a reservation information storage means,
By referring to the reservation information storage means, the policy information, which is a condition for accommodating only the data packet that the reservation user desires to be accommodated in the reservation path, is transmitted to the network device on the communication path, thereby identifying the packet. Set policy settings,
In the network device set by the NRM as a policy,
The policy information received from the NRM is stored in policy information storage means,
A data packet transfer control method, comprising: referring to the policy information storage unit based on input data packet information to control transfer of the data packet. In the NRM,
The data packet transfer control method according to claim 1, wherein the policy information is transmitted to all network devices on a layer 2 / layer 3 communication path. In the network device set by the NRM as a policy,
2. The policy storage means is referred to based on information of the input data packet, and a VLAN (Virtual Local Area Network) or LSP (Label Switched Path) label is assigned based on the policy information and transferred. 2. The data packet transfer control method according to 2. In the network device set by the NRM as a policy,
3. The data packet transfer control method according to claim 1, wherein the policy storage unit is referred to based on the information of the input data packet, and the data packet is discarded based on the policy information. In the network device set by the NRM as a policy,
The data packet transfer control method according to claim 1 or 2, wherein the traffic amount of the input data packet is measured, and if the contract amount of the policy information in the policy storage means is exceeded, the data packet is discarded. In the NRM, the storage means has a VLAN management table for managing VLAN labels,
When the reservation request is received from the terminal, the VLAN management table is referenced, one of the unreserved VLAN tag IDs is selected, and the use permission including the selected unreserved VLAN tag ID is transmitted to the terminal. 3. The data packet transfer control method according to claim 2, wherein policy information for dynamically setting the VLAN tag is transmitted to the network device. In the NRM, the storage means has an LSP shim label management table for managing LSP shim labels,
When the reservation request is received from the terminal, the LSP shim label management table is referred to, one of the unreserved LSP Shim label numbers is selected, and the use permission including the selected unreserved LSP Shim label number is selected. The data packet transfer control method according to claim 2, wherein the policy information for dynamically setting the LSP Shim label is transmitted to the network device while being transmitted to the terminal. In a network having a packet layer, a terminal, a plurality of network devices that transfer user data packets in units of flows, and a computer used as a network resource management system (NRM) that manages network resources (hereinafter referred to as NRM). A data packet transfer control system comprising:
The NRM is
When receiving a reservation request including at least information for reserving a communication path and data packet identification information for identifying that the reservation user wishes to be accommodated in the communication path from the terminal, Reservation request processing means for securing a communication path based on information for reserving a communication path and storing the data packet identification information in a reservation information storage means;
By referring to the reservation information storage means, the policy information, which is a condition for accommodating only the data packet that the reservation user desires to be accommodated in the reservation path, is transmitted to the network device on the communication path, thereby identifying the packet. Policy setting means for setting the policy;
Have
The network device is:
Policy information storage means for storing the policy information received from the NRM in a policy information storage means;
Transfer control means for controlling transfer of the data packet by referring to the policy information storage means based on the information of the input data packet;
A data packet transfer control system comprising: The policy setting means of the NRM is:
The data packet transfer control system according to claim 8, wherein the policy information is transmitted to all network devices on a layer 2 / layer 3 communication path. The transfer control means of the network device includes:
10. The data packet transfer control system according to claim 8, further comprising means for referring to said policy storage means based on said inputted data packet information, assigning a VLAN or LSP label based on said policy information, and transferring. . The transfer control means of the network device is
10. The data packet transfer control system according to claim 8, further comprising means for referring to said policy storage means based on said inputted data packet information and discarding said data packet based on said policy information. The transfer control means of the network device is
10. The data packet transfer control according to claim 8, further comprising means for measuring a traffic amount of the input data packet and discarding the data packet when the policy information contract amount of the policy storage means is exceeded. system. In the NRM, the storage means has a VLAN management table,
When the reservation request is received from the terminal, the VLAN management table is referenced, one of the unreserved VLAN tag IDs is selected, and the use permission including the selected unreserved VLAN tag ID is transmitted to the terminal. The data packet transfer control system according to claim 9, further comprising means for transmitting policy information for dynamically setting the VLAN tag to the network device. In the NRM, the storage means has an LSP shim label management table for managing LSP shim labels,
When the reservation request is received from the terminal, the LSP shim label management table is referred to, one of the unreserved LSP Shim label numbers is selected, and the use permission including the selected unreserved LSP Shim label number is selected. 12. The data packet transfer control system according to claim 11, further comprising means for transmitting policy information for dynamically setting the LSP Shim label to the network device while transmitting to the terminal. On the computer,
When receiving a reservation request including at least information on a communication channel to be reserved and data packet identification information for identifying that the data packet is from the terminal, a communication channel is secured based on the information on the communication channel. A reservation request processing function for storing the data packet identification information in the reservation information storage means;
A policy for setting policy for packet identification by referring to the reservation information storage means and transmitting policy information, which is a condition for accommodating only the data packet of the reserved user in the reserved path, to the network device on the communication path. Setting function,
A program characterized in that is executed. On the computer,
A policy information storage function for storing the policy information received from the NRM in a policy information storage means;
A transfer control function for controlling the transfer of the data packet by referring to the policy information storage means based on the information of the input data packet;
A program characterized in that is executed.

Images